CVE-2025-33182

Summary

NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. A successful exploitation of this vulnerability might lead to data tampering, denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIAJetson Orin Series35.6.2 and earlieraffected
NVIDIAJetson Xavier Series35.6.2 and earlieraffected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References